package com.es;

import java.io.Console;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;

public class TestLogin {

    public static void main(String[] args) {

        Scanner sc = new Scanner(System.in);
        System.out.println("欢迎使用学生信息管理系统：");
        System.out.println("请输入用户名：");
        String username = sc.next();
        //密码的输入
        //Console console = System.console();
        //char[] chs = console.readPassword();
        //String password = new String(chs);
        sc.next();
        String password = "a' or 'a'='a";//sc.nextLine();
        boolean isLogin = login(username, password);

    }

    //
    public static boolean login(String username, String password){
        Connection connection = JDBCUtils.getConnection("mysql");
        //
        Statement statement = null;
        ResultSet resultSet =  null;
        try {
            statement = connection.createStatement();
            //查询语句
            String sql = "select id,username,password from sys_user where username='"+username+"' and password='"+password+"'";
            //交互
            System.out.println(sql);
            resultSet = statement.executeQuery(sql);
            if(resultSet.next()){                //
                System.out.println("欢迎回来："+username);
                return true;
            }else{
                System.out.println("用户名或密码错误");

            }
            //

        } catch (SQLException e) {
            e.printStackTrace();
        }finally {
            //释放资源
            JDBCUtils.release(connection, statement, resultSet);
        }

        return false;
    }
}
